<?php
require_once 'include.php';
$arr['code']="st".date('Ymd').uniqid();
$arr['userId']=$_SESSION['loginFlag'];
$arr['createTime']=time();
$arr['addressId']=$_POST['addressId'];
$allPro=getAllCartPro();
foreach ($allPro as $pros){
    $arr['pid']=$pros['pid'];
    $arr['price']=$pros['price'];
    $arr['num']=$pros['num'];
    $result=insert("stshop_order",$arr);
    //减库存
    $pid=$pros['pid'];
    $product=getProById($pid);
    $pNum=$product['pNum']-$pros['num'];
    mysql_query("UPDATE stshop_pro SET pNum = '$pNum' where id=$pid");
    //删购物车
    $cartId=$pros['id'];
    delete("stshop_cart","id=$cartId");
}
//给paypal准备数据
$item_number=$arr['code'];            //订单号
$item_name=$allPro[0]['pName']." 等商品";//商品名称
$totalPrice=$_POST['totalPrice'];         //订单总价
$receiver_email ='1027577022-facilitator@qq.com';//收款账号
?>
<html>
	<head>
		<title>正在跳转Paypal付款</title>
		<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
	</head>
	<body>
		<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
			<input type="hidden" name="cmd" value="_xclick"> 
			<input type="hidden" name="business" value="<?=$receiver_email?>">  
			<input type="hidden" name="item_name" value="<?=$item_number?>">
			<input type="hidden" name="item_number" value="<?=$item_number?>">
			<input type="hidden" name="currency_code" value="USD"> 
			<input type="hidden" name="amount" value="<?=$totalPrice?>"> 
			<input type="hidden" name="return" value="http://bxu2442430302.my3w.com/payment/paypal/pdt.php" />
			<input type="hidden" name="notify_url" value="http://bxu2442430302.my3w.com/payment/paypal/ipn.php" />
			<input type="hidden" name="cancel_return" value="http://bxu2442430302.my3w.com/payment/paypal/pdt.php" />
			<input value='US' type='hidden' name='lc'> 
		</form>
		<script>
			document.forms[0].submit();
		</script>
	</body>
</html>